ci: Run benchmarks on main on the new oracle dedicated workers (#2942)

scottgerring · web-flow · commit 0c2f808ec293 · 2025-06-20T08:37:17.000-07:00
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
@@ -15,40 +15,45 @@ on:
 name: benchmark pull requests
 permissions:
   contents: read
-
 jobs:
   runBenchmark:
     name: run benchmark
     permissions:
       pull-requests: write
 
-    # If we're running on a PR, use ubuntu-latest - a shared runner. We can't use the self-hosted
-    # runners on arbitrary PRs, and we don't want to unleash that load on the pool anyway.     
-    # If we're running on main, use the OTEL self-hosted runner pool. 
-    
-    # TODO - temporarily move main to the shared workers, until we've resolved the instance setup issue
-    # runs-on: ${{ github.event_name == 'pull_request' && 'ubuntu-latest' || 'self-hosted' }}
-    runs-on: 'ubuntu-latest'
+    # If we're running on main, use our oracle bare-metal runner for accuracy. 
+    # If we're running on a PR, use github's shared workers to save resources.
+    runs-on: ${{ github.event_name == 'pull_request' && 'ubuntu-latest' || 'oracle-bare-metal-64cpu-512gb-x86-64' }}
     if: ${{ (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'performance')) || github.event_name == 'push' }}
+    container:
+      image: rust:slim-bullseye
     env:
       # For PRs, compare against the base branch - e.g., 'main'. 
       # For pushes to main, compare against the previous commit
       BRANCH_NAME: ${{ github.event_name == 'pull_request' && github.base_ref || github.event.before }}
+      GIT_DISCOVERY_ACROSS_FILESYSTEM: 1
     steps:
       - name: Harden the runner (Audit all outbound calls)
         uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
+      - name: Setup container environment
+        run: |
+          apt-get update && apt-get install --fix-missing -y unzip cmake build-essential pkg-config curl git
+          cargo install cargo-criterion
+
+      - name: Make repo safe for Git inside container
+        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
+
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          fetch-depth: 10  # Fetch current commit and its parent
+          fetch-depth: 10 # Fetch a bit of history so we can do perf diffs
+
       - uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
-      - uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b
-        with:
-          toolchain: stable
+
       - uses: boa-dev/criterion-compare-action@adfd3a94634fe2041ce5613eb7df09d247555b87 # v3.2.4
         with:
           branchName: ${{ env.BRANCH_NAME }}
